cloud security Malware that spreads via Redis now capable of deploying ransomware P2Pinfect now able to deploy ransomware and crypto miner payloads.
Cybersecurity 💀 This malware campaign uses Discord emojis for C2 instructions Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."
Cybersecurity Single host saw 70,000 servers hit with Ebury backdoor Malware operators “have established a significant presence in data centers worldwide”
News Kapeka Russian malware surfaces in Europe A new variant of the Kremlin-backed Sandworm software known as Kapeka has been found in the wild
News International 'Duck Hunt' dismantles Qakbot network An international law enforcement campaign has struck a lethal blow to the long-running Qakbot malware and botnet operation
malware WinRAR zero-day used to pack in malware for targeted attacks A months-long malware campaign was seen exploiting a zero-day flaw in WinRAR for spear-phishing attacks aimed at traders and finance professionals
News LabRat malware said to be flying under the radar of security tools A newly-spotted proxyjacking campaign is going above and beyond to hide itself from detection
Cybersecurity Malvertising: Threat actors are duping downloaders using... Google Ads and SEO Threat actors are using SEO to trick users into downloading ransomware.
malware NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk The bootkit has been sold on underground forums since at least October 6, 2022. It has a tiny on-disk size of around 80 KB, can disable HVCI, Windows Defender and BitLocker, and bypass UAC
Featured Five Eyes kills Russia’s Snake after FSB used weak crypto Highly sophisticated malware had been refined for over 20 years
Cybersecurity Over 200,000 unique malware samples found in 12 weeks, amid AI threat warnings Signature-based detection is dying hard.
Cybersecurity ChatGPT used to create elusive "polymorphic" malware The ChatGPT API "bypasses every content filter there is"
Cybersecurity New malware discovered targeting VMware ESXi servers Security researchers at Juniper Threat Labs say they have identified previously undocumented malware targeting VMware ESXi servers that is notable for its “simplicity, persistence and capabilities.” VMware’s ESXi is a bare metal hypervisor that is widely deployed in large enterprises to run software virtually, from applications to fully emulated
Cybersecurity This dance album was made with 200+ exotic malware samples It uses code, images, network traffic, and entropy values of malware to generate sounds...
Cybersecurity Bolster your VMware ESXi security: Novel malware ecosystem identified Malware avoids EDR, attains persistence, is highly stealthy
Cybersecurity Previously undocumented rootkit being deployed by Chinese APT Daxin malware has some really clever C2 techniques to exfiltrate intelligence
Featured Chinese hackers masqueraded as Iran to attack Israel: Mandiant CVE-2019-0604 a common entry point...
Cybersecurity "Gootloader" campaign active since Jan. 2021 is targeting enterprise verticals worldwide. 900 unique droppers identified with very low VirusTotal detection
Featured First malware found escaping Windows containers to attack Kubernetes clusters Security researcher Daniel Prizmant swings by campaign's C2 server...
Cybersecurity Microsoft, FireEye identify new C2 malware, written in Go, persisting post-SolarWinds attacks. Microsoft calls it GoldMax; FireEye calls it SUNSHUTTLE. They're talking about the same thing: sophisticated backdoor that evaded...